David,
On Tuesday 16 October 2012 12:46:26 David Wainberg wrote:
> So, this is getting more specific: "a dossier of more than one
> data item." Can you elaborate? Why is it only more than one item?
> Is there a small number that is also acceptable, such as 3 or 5?
> Is there a time element? This sounds like the type of specific
> problem for which we might be able to tailor a solution.
We either have a few items of very high entropy or large amounts of
data that create privacy risks (Westin's dossiers, reduced autonomy,
loss of control of one's image/only for stars in US). In security,
the breach of only one item may be decisive and make the system
vulnerable. In Privacy/data protection it is the profile or the raw
material to create such a profile. The more powerful our computers
are, the easier it is to create a profile out of raw data.
With this in mind, I'm willing to help tailor a solution that
addresses the risk. Unique IDs are precisely a problem because they
allow for easy profile building out of raw data. The simpler the
abuse, the higher the risk the more we need safeguards. If we argue
along those lines, we can be very convincing, also towards
regulators.
>
> > Users today make a risk judgment about the potential abuse of
> > their data. The common opinion is that once it is out, data
> > will be abused. The limits only lie within the creativity of
> > the folks abusing the data. Conclusion: don't give them data.
>
> There is little to no basis for this very broad statement. That is
> why we need to zero in on specific issues and real-world risks.
I'm not putting a risk forward, but rather exemplify the panopticon-
effect and the psychologic fallout. If they know enough to precisely
target my wishes, what do they know about me? You know it, you'll
say "this is trivial and does no harm". But none of us has yet
argued for an API for data subject access so they can see what is
held on them and how it is organized.
> >> Vincent recently raised one specific case -- access to server
[...]
> > fears are not justified. It is all about making trust for the
> > market place...
>
> Again, this is an over-broad statement.
You're right, I have to look at the permitted uses with the
viewpoint exemplified above. Just imagine for a moment you were
paranoid and then look at the permitted uses. You'll identify the
weak points where we need argumentation or minimization.
Rigo